6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
20 * Copyright 2001,2006 The FreeRADIUS server project
21 * Copyright 2001 Kostas Kalevras <kkalev@noc.ntua.gr>
24 #include <freeradius-devel/ident.h>
27 #include <freeradius-devel/radiusd.h>
28 #include <freeradius-devel/modules.h>
32 #include "../../include/md5.h"
33 #include "../../include/sha1.h"
/*
 *	Ids for the "encryption_scheme" configuration item.  The names
 *	accepted in the config file are mapped to these by schemes[];
 *	PAP_ENC_AUTO means "pick the scheme from whichever password
 *	attribute is present in the request's control items" and
 *	PAP_ENC_INVALID is the not-found value used when parsing.
 */
35 #define PAP_ENC_INVALID -1
36 #define PAP_ENC_CLEAR 0
37 #define PAP_ENC_CRYPT 1
39 #define PAP_ENC_SHA1 3
42 #define PAP_ENC_SMD5 6
43 #define PAP_ENC_SSHA 7
44 #define PAP_ENC_NS_MTA_MD5 8
45 #define PAP_ENC_AUTO 9
50 * Define a structure for our module configuration.
52 * These variables do not need to be in a structure, but it's
53 * a lot cleaner to do so, and a pointer to the structure can
54 * be used as the instance handle.
 *
 *	Filled in by pap_instantiate(): 'scheme' and 'auto_header' come
 *	from module_config[], 'sch' is the PAP_ENC_* id parsed from
 *	'scheme', 'name' is the configuration section's name, and
 *	'auth_type' is the dictionary value of the Auth-Type with that
 *	name (left at 0 when the dictionary has none).
56 typedef struct rlm_pap_t {
57 const char *name; /* CONF_SECTION->name, not strdup'd */
58 char *scheme; /* password encryption scheme */
66 * A mapping of configuration file names to internal variables.
68 * Note that the string is dynamically allocated, so it MUST
69 * be freed. When the configuration file parse re-reads the string,
70 * it frees the old one, and strdup's the new one, placing the pointer
71 * to the strdup'd string into 'config.string'. This gets around
 *
 *	Items: "encryption_scheme" (default "auto") selects the PAP_ENC_*
 *	scheme via schemes[]; "auto_header" (default "no") enables the
 *	"{header}" parsing of User-Password in pap_authorize().
74 static const CONF_PARSER module_config[] = {
75 { "encryption_scheme", PW_TYPE_STRING_PTR, offsetof(rlm_pap_t,scheme), NULL, "auto" },
76 { "auto_header", PW_TYPE_BOOLEAN, offsetof(rlm_pap_t,auto_header), NULL, "no" },
77 { NULL, -1, 0, NULL, NULL }
/*
 *	Names accepted for "encryption_scheme", looked up with
 *	lrad_str2int() in pap_instantiate().  An unknown name yields
 *	the PAP_ENC_INVALID terminator value and is a configuration error.
 */
80 static const LRAD_NAME_NUMBER schemes[] = {
81 { "clear", PAP_ENC_CLEAR },
82 { "crypt", PAP_ENC_CRYPT },
83 { "md5", PAP_ENC_MD5 },
84 { "sha1", PAP_ENC_SHA1 },
87 { "smd5", PAP_ENC_SMD5 },
88 { "ssha", PAP_ENC_SSHA },
89 { "auto", PAP_ENC_AUTO },
90 { NULL, PAP_ENC_INVALID }
95 * For auto-header discovery.
 *
 *	"{header}" prefixes that pap_authorize() recognises when
 *	auto_header is set, each mapped to the attribute holding that
 *	password form.  "{clear}"/"{cleartext}" and "{nt}"/"{x-nthash}"
 *	are synonyms.  The lookup uses 0 as its not-found value, so an
 *	unknown header leaves the pair untouched.
97 static const LRAD_NAME_NUMBER header_names[] = {
98 { "{clear}", PW_CLEARTEXT_PASSWORD },
99 { "{cleartext}", PW_CLEARTEXT_PASSWORD },
100 { "{md5}", PW_MD5_PASSWORD },
101 { "{smd5}", PW_SMD5_PASSWORD },
102 { "{crypt}", PW_CRYPT_PASSWORD },
103 { "{sha}", PW_SHA_PASSWORD },
104 { "{ssha}", PW_SSHA_PASSWORD },
105 { "{nt}", PW_NT_PASSWORD },
106 { "{x-nthash}", PW_NT_PASSWORD },
107 { "{ns-mta-md5}", PW_NS_MTA_MD5_PASSWORD },
/*
 *	Module detach hook.  'instance' is the rlm_pap_t that
 *	pap_instantiate() allocated with rad_malloc().
 */
112 static int pap_detach(void *instance)
114 rlm_pap_t *inst = (rlm_pap_t *) instance;
/*
 *	Module instantiate hook.
 *
 *	Allocates and zeroes the per-instance rlm_pap_t, parses
 *	module_config[] into it and validates "encryption_scheme": it must
 *	be non-empty and one of the names in schemes[]; the resulting id is
 *	kept in inst->sch.  The instance is then named after its
 *	configuration section and, if the dictionary defines an Auth-Type
 *	value of that name, it is cached in inst->auth_type so that
 *	pap_authorize() can set Auth-Type on PAP requests.
 *
 *	Returns 0 on success and non-zero when the section cannot be
 *	parsed or the scheme is missing or unknown.
 */
122 static int pap_instantiate(CONF_SECTION *conf, void **instance)
128 * Set up a storage area for instance data
130 inst = rad_malloc(sizeof(*inst));
/* Zero everything so that fields without a config item (sch, auth_type) start defined. */
134 memset(inst, 0, sizeof(*inst));
137 * If the configuration parameters can't be parsed, then
/* ... instantiation fails.  cf_section_parse() fills scheme/auto_header from module_config[]. */
140 if (cf_section_parse(conf, inst, module_config) < 0) {
/* An absent or empty scheme is rejected outright rather than silently treated as "auto". */
144 if (inst->scheme == NULL || strlen(inst->scheme) == 0){
145 radlog(L_ERR, "rlm_pap: No scheme defined");
/* Map the name to its PAP_ENC_* id; PAP_ENC_INVALID doubles as the not-found value. */
150 inst->sch = lrad_str2int(schemes, inst->scheme, PAP_ENC_INVALID);
151 if (inst->sch == PAP_ENC_INVALID) {
152 radlog(L_ERR, "rlm_pap: Unknown scheme \"%s\"", inst->scheme);
/*
 *	Instance name ("pap foo {") with the module name as fallback.
 *	NOTE(review): the fallback is presumably conditional on name2
 *	being NULL — confirm.
 */
157 inst->name = cf_section_name2(conf);
159 inst->name = cf_section_name1(conf);
/*
 *	auth_type stays 0 unless the dictionary has an Auth-Type value
 *	named after this instance; presumably dval is NULL-checked before
 *	it is dereferenced here.
 */
162 dval = dict_valbyname(PW_AUTH_TYPE, inst->name);
164 inst->auth_type = dval->value;
/*
 *	Decode one base64 chunk.
 *
 *	Reads exactly four characters from src and stores the three bytes
 *	they encode in dst[0..2].  '=' padding contributes zero bits, so
 *	the caller decides how many of the three bytes are real data.
 *
 *	Returns 1 on success.  Returns 0, with dst untouched, as soon as a
 *	character outside the base64 alphabet is met; a '\0' is such a
 *	character, so a short chunk is never read past its terminator.
 */
static int decode_it(const char *src, uint8_t *dst)
{
	unsigned int bits = 0;
	int pos;

	for (pos = 0; pos < 4; pos++) {
		const char c = src[pos];
		unsigned int sextet;

		if (c >= 'A' && c <= 'Z') {
			sextet = (unsigned int) (c - 'A');
		} else if (c >= 'a' && c <= 'z') {
			sextet = (unsigned int) (c - 'a') + 26;
		} else if (c >= '0' && c <= '9') {
			sextet = (unsigned int) (c - '0') + 52;
		} else if (c == '+') {
			sextet = 62;
		} else if (c == '/') {
			sextet = 63;
		} else if (c == '=') {
			sextet = 0;		/* padding: no bits */
		} else {
			return 0;		/* not base64 (includes '\0') */
		}

		bits = (bits << 6) | sextet;
	}

	/*
	 *	24 bits in, big-endian out.
	 */
	dst[0] = (uint8_t) ((bits >> 16) & 0xff);
	dst[1] = (uint8_t) ((bits >> 8) & 0xff);
	dst[2] = (uint8_t) (bits & 0xff);

	return 1;
}
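/*
 *	Decode a NUL-terminated base64 string into dst.
 *
 *	dst is NOT bounded by this function: it receives up to
 *	3 * ((strlen(src) + 3) / 4) bytes, so the caller must size it from
 *	the input length before calling.  Characters after the '=' padding
 *	are ignored, as is a trailing partial chunk.
 *
 *	Returns the number of bytes written to dst, or 0 when the input is
 *	empty, carries more than two '=' pad characters, or contains a
 *	non-base64 character in any decoded chunk.
 */
static int base64_decode (const char *src, uint8_t *dst)
{
	int length = 0;
	int equals = 0;
	int i, num;
	uint8_t last[3];

	while (src[length] && src[length] != '=') length++;
	while (src[length + equals] == '=') equals++;

	/*
	 *	Only two pad characters are meaningful.  More would make
	 *	(3 - equals) below negative and the returned length wrong.
	 */
	if (equals > 2) return 0;

	num = (length + equals) / 4;
	if (num < 1) return 0;		/* nothing decodable */

	/*
	 *	All but the last chunk decode to three full bytes.
	 */
	for (i = 0; i < num - 1; i++) {
		if (!decode_it(src, dst)) return 0;
		src += 4;
		dst += 3;
	}

	/*
	 *	The last chunk may be padded, so only (3 - equals) of its
	 *	bytes are data.  Its decode status used to be ignored, which
	 *	let a bad final chunk copy uninitialised bytes into dst.
	 */
	if (!decode_it(src, last)) return 0;
	for (i = 0; i < (3 - equals); i++) {
		dst[i] = last[i];
	}

	return (num * 3) - equals;
}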
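/*
 *	Hex or base64 or bin auto-discovery.
 *
 *	Digest attributes may arrive as hex text, base64 text, or already
 *	as raw bytes.  If vp->vp_octets decodes as hex to exactly half its
 *	length, or as base64 to at least min_length bytes, the pair is
 *	rewritten in place to the decoded bytes and vp->length updated.
 *	Anything else is left untouched.
 *
 *	min_length is the digest size for the attribute (16 for MD5/SMD5,
 *	20 for SHA1/SSHA); the salted forms are longer, which is why only
 *	a lower bound is applied.
 *
 *	Neither decoder takes an output size, so the decoded length is
 *	bounded against the scratch buffer here before either is called.
 */
static void normify(VALUE_PAIR *vp, int min_length)
{
	/*
	 *	Scratch space for the decoded value.  256 is larger than
	 *	either decoder can produce from a MAX_STRING_LEN-sized value
	 *	(hex: half, base64: three quarters) — assuming vp_octets is no
	 *	larger than that; the explicit size checks below keep the
	 *	copies in bounds regardless.
	 */
	enum { NORMIFY_BUF_LEN = 256 };
	uint8_t buffer[NORMIFY_BUF_LEN];
	int decoded;

	if (min_length <= 0) return;				/* nothing sensible to check */
	if ((size_t) min_length >= sizeof(buffer)) return;	/* paranoia */

	/*
	 *	Hex: two characters per byte, so the decoded size is known
	 *	up front and must fit the scratch buffer.
	 */
	if (vp->length >= (2 * min_length)) {
		int want = vp->length >> 1;

		if ((size_t) want > sizeof(buffer)) return;

		decoded = lrad_hex2bin(vp->vp_octets, buffer, want);
		if (decoded == want) {
			DEBUG2("rlm_pap: Normalizing %s from hex encoding", vp->name);
			memcpy(vp->vp_octets, buffer, decoded);
			vp->length = decoded;
			return;
		}
	}

	/*
	 *	Base 64 encoding.  It's at least 4/3 the original size,
	 *	and we want to avoid division...  base64_decode() writes at
	 *	most 3 * ((len + 3) / 4) bytes, so refuse anything that could
	 *	exceed the scratch buffer (vp->length is the text length).
	 */
	if ((vp->length * 3) >= ((min_length * 4))) {
		int max_out = ((vp->length + 3) / 4) * 3;

		if ((size_t) max_out > sizeof(buffer)) return;

		decoded = base64_decode(vp->vp_octets, buffer);
		if (decoded >= min_length) {
			DEBUG2("rlm_pap: Normalizing %s from base64 encoding", vp->name);
			memcpy(vp->vp_octets, buffer, decoded);
			vp->length = decoded;
			return;
		}
	}

	/*
	 *	Else unknown encoding, or already binary.  Leave it.
	 */
}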
/*
 *	Authorize the user for PAP authentication.
 *
 *	This isn't strictly necessary, but it does make the
 *	server simpler to configure.
 *
 *	Walks request->config_items once: with auto_header set it splits
 *	"{header}value" passwords into the attribute named by the header,
 *	it normalises MD5/SMD5/SHA1/SSHA values from hex/base64 to raw
 *	bytes, and it returns early for requests that will be proxied or
 *	already carry Auth-Type := Accept/Reject.  If a "known good"
 *	password was found, no Auth-Type is set, and the request carries a
 *	User-Password, Auth-Type := inst->auth_type is added.
 *
 *	Returns RLM_MODULE_UPDATED when Auth-Type was added and
 *	RLM_MODULE_NOOP in every other case.
 */
287 static int pap_authorize(void *instance, REQUEST *request)
289 rlm_pap_t *inst = instance;
290 int auth_type = FALSE;
291 int found_pw = FALSE;
292 VALUE_PAIR *vp, *next;
/*
 *	'next' is presumably captured at the top of the body: the
 *	User-Password case below can pairdelete() the pair being examined.
 */
294 for (vp = request->config_items; vp != NULL; vp = next) {
297 switch (vp->attribute) {
298 case PW_USER_PASSWORD: /* deprecated */
302 * Look for '{foo}', and use them
/* Without auto_header a User-Password is left as-is; a leading '{' is the only trigger. */
304 if (!inst->auto_header ||
305 (vp->vp_strvalue[0] != '{')) {
310 case PW_PASSWORD_WITH_HEADER: /* preferred */
/* q is the opening '{' of the header; p its matching '}'. */
319 p = strchr(q + 1, '}');
322 * FIXME: Turn it into a
323 * cleartext-password, unless it,
324 * or user-password already
/*
 *	NOTE(review): this guard is off by two.  It admits
 *	p - q == sizeof(buffer), yet the memcpy below copies p - q + 1
 *	bytes and the terminator is stored at buffer[p - q + 1].  The
 *	safe condition is `(size_t) (p - q) + 2 > sizeof(buffer)`.
 */
330 if ((size_t) (p - q) > sizeof(buffer)) break;
332 memcpy(buffer, q, p - q + 1);
333 buffer[p - q + 1] = '\0';
/* 0 is the not-found value: an unknown header is reported and the pair left alone. */
335 attr = lrad_str2int(header_names, buffer, 0);
337 DEBUG2("rlm_pap: Found unknown header {%s}: Not doing anything", buffer);
/*
 *	Create the typed password attribute from the text after '}'.
 *	p + 1 lies inside a vp_strvalue, so it is no longer than the
 *	destination — presumably why the strcpy() is marked bounds OK.
 */
341 new_vp = radius_paircreate(request,
342 &request->config_items,
343 attr, PW_TYPE_STRING);
344 strcpy(new_vp->vp_strvalue, p + 1);/* bounds OK */
345 new_vp->length = strlen(new_vp->vp_strvalue);
348 * May be old-style User-Password with header.
349 * We've found the header & created the proper
350 * attribute, so we should delete the old
351 * User-Password here.
353 pairdelete(&request->config_items, PW_USER_PASSWORD);
357 case PW_CLEARTEXT_PASSWORD:
358 case PW_CRYPT_PASSWORD:
359 case PW_NS_MTA_MD5_PASSWORD:
361 break; /* don't touch these */
/* Digest attributes: 16 raw bytes for MD5 (SMD5 has the salt appended). */
363 case PW_MD5_PASSWORD:
364 case PW_SMD5_PASSWORD:
367 normify(vp, 16); /* ensure it's in the right format */
/* 20 raw bytes for SHA1 (SSHA has the salt appended). */
371 case PW_SHA_PASSWORD:
372 case PW_SSHA_PASSWORD:
373 normify(vp, 20); /* ensure it's in the right format */
378 * If it's proxied somewhere, don't complain
379 * about not having passwords or Auth-Type.
381 case PW_PROXY_TO_REALM:
383 REALM *realm = realm_find(vp->vp_strvalue);
/*
 *	NOTE(review): this returns NOOP when the realm has *no* auth_pool,
 *	which reads as the opposite of the comment above; confirm which
 *	sense is intended.
 */
384 if (realm && !realm->auth_pool) {
385 return RLM_MODULE_NOOP;
394 * Auth-Type := Accept
395 * Auth-Type := Reject
/* 254 and 4 are the Accept and Reject values named in the comment above. */
397 if ((vp->vp_integer == 254) ||
398 (vp->vp_integer == 4)) {
404 break; /* ignore it */
410 * Print helpful warnings if there was no password.
414 * Likely going to be proxied. Avoid printing
417 if (pairfind(request->config_items, PW_REALM) ||
418 (pairfind(request->config_items, PW_PROXY_TO_REALM))) {
419 return RLM_MODULE_NOOP;
423 * The TLS types don't need passwords.
425 vp = pairfind(request->packet->vps, PW_EAP_TYPE);
427 ((vp->vp_integer == 13) || /* EAP-TLS */
428 (vp->vp_integer == 21) || /* EAP-TTLS */
429 (vp->vp_integer == 25))) { /* PEAP */
430 return RLM_MODULE_NOOP;
433 DEBUG("rlm_pap: WARNING! No \"known good\" password found for the user. Authentication may fail because of this.");
434 return RLM_MODULE_NOOP;
438 * Don't touch existing Auth-Types.
441 DEBUG2("rlm_pap: Found existing Auth-Type, not changing it.");
442 return RLM_MODULE_NOOP;
446 * Can't do PAP if there's no password.
/* Only a User-Password in the request can be checked by this module. */
448 if (!request->password ||
449 (request->password->attribute != PW_USER_PASSWORD)) {
451 * Don't print out debugging messages if we know
454 if (request->packet->code == PW_ACCESS_CHALLENGE) {
455 return RLM_MODULE_NOOP;
458 DEBUG2("rlm_pap: No clear-text password in the request. Not performing PAP.");
459 return RLM_MODULE_NOOP;
/* auth_type is 0 when the dictionary has no Auth-Type named after this instance. */
462 if (inst->auth_type) {
463 vp = radius_paircreate(request, &request->config_items,
464 PW_AUTH_TYPE, PW_TYPE_INTEGER);
465 vp->vp_integer = inst->auth_type;
468 return RLM_MODULE_UPDATED;
/*
 *	Authenticate the user via one of any well-known password.
 *
 *	Requires request->password to be a non-empty User-Password.  With
 *	encryption_scheme = auto, the scheme is chosen from whichever
 *	"known good" password attribute is present in config_items;
 *	otherwise the configured scheme is used.  The supplied password is
 *	then checked: by string compare for clear text, via
 *	lrad_crypt_check() for crypt, by recomputing the digest (with the
 *	stored salt for SMD5/SSHA) for MD5/SMD5/SHA1/SSHA, via the mschap
 *	xlat for NT/LM, and with the NS-MTA-MD5 construction.
 *
 *	Returns RLM_MODULE_OK on a match; RLM_MODULE_REJECT on a mismatch,
 *	after attaching a Module-Failure-Message to the request;
 *	RLM_MODULE_INVALID when the credential is missing, empty or not a
 *	User-Password; and RLM_MODULE_FAIL when no password is configured
 *	for the user.
 */
475 static int pap_authenticate(void *instance, REQUEST *request)
477 rlm_pap_t *inst = instance;
479 VALUE_PAIR *module_fmsg_vp;
480 char module_fmsg[MAX_STRING_LEN];
482 SHA1_CTX sha1_context;
/*
 *	buff: the decoded NS-MTA-MD5 digest.  buff2: the xlat template
 *	for NT/LM, or the salt+password+salt input for NS-MTA-MD5; the
 *	extra 50 bytes cover the text placed around a password of up to
 *	MAX_STRING_LEN (assumed to be vp_strvalue's limit — confirm).
 */
484 char buff[MAX_STRING_LEN];
485 char buff2[MAX_STRING_LEN + 50];
/* Chosen below, either from the attribute found (auto) or from inst->sch. */
486 int scheme = PAP_ENC_INVALID;
/*
 *	A missing, non-User-Password or empty credential is a protocol /
 *	configuration problem, hence INVALID rather than REJECT.
 */
488 if (!request->password){
489 radlog(L_AUTH, "rlm_pap: Attribute \"Password\" is required for authentication.");
490 return RLM_MODULE_INVALID;
494 * Clear-text passwords are the only ones we support.
496 if (request->password->attribute != PW_USER_PASSWORD) {
497 radlog(L_AUTH, "rlm_pap: Attribute \"User-Password\" is required for authentication. Cannot use \"%s\".", request->password->name);
498 return RLM_MODULE_INVALID;
502 * The user MUST supply a non-zero-length password.
504 if (request->password->length == 0) {
505 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: empty password supplied");
506 module_fmsg_vp = pairmake("Module-Failure-Message", module_fmsg, T_OP_EQ);
507 pairadd(&request->packet->vps, module_fmsg_vp);
508 return RLM_MODULE_INVALID;
/*
 *	NOTE(review): this writes the user's clear-text password to the
 *	debug log.  Debug output routinely ends up in tickets and log
 *	archives; consider omitting the value or gating it behind an
 *	explicit option.
 */
511 DEBUG("rlm_pap: login attempt with password %s",
512 request->password->vp_strvalue);
515 * First, auto-detect passwords, by attribute in the
/* ... control items: the first "known good" password attribute found decides the scheme. */
518 if (inst->sch == PAP_ENC_AUTO) {
519 for (vp = request->config_items; vp != NULL; vp = vp->next) {
520 switch (vp->attribute) {
521 case PW_USER_PASSWORD: /* deprecated */
522 case PW_CLEARTEXT_PASSWORD: /* preferred */
525 case PW_CRYPT_PASSWORD:
528 case PW_MD5_PASSWORD:
531 case PW_SHA_PASSWORD:
540 case PW_SMD5_PASSWORD:
543 case PW_SSHA_PASSWORD:
546 case PW_NS_MTA_MD5_PASSWORD:
550 break; /* ignore it */
/* Auto mode with nothing usable in config_items cannot authenticate at all. */
556 DEBUG("rlm_pap: No password configured for the user. Cannot do authentication");
557 return RLM_MODULE_FAIL;
/*
 *	Fixed scheme: crypt reads Crypt-Password; every other scheme
 *	expects the configured value in User-Password.
 */
562 if (inst->sch == PAP_ENC_CRYPT) {
563 vp = pairfind(request->config_items, PW_CRYPT_PASSWORD);
567 * Old-style: all passwords are in User-Password.
570 vp = pairfind(request->config_items, PW_USER_PASSWORD);
576 * Now that we've decided what to do, go do it.
/*
 *	Each scheme below fills module_fmsg on a mismatch and ends at the
 *	shared reject path ("Passwords don't match"), which attaches it to
 *	the request as Module-Failure-Message.
 */
581 DEBUG("rlm_pap: Using clear text password.");
582 if (strcmp((char *) vp->vp_strvalue,
583 (char *) request->password->vp_strvalue) != 0){
584 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: CLEAR TEXT password check failed");
588 DEBUG("rlm_pap: User authenticated successfully");
589 return RLM_MODULE_OK;
594 DEBUG("rlm_pap: Using CRYPT encryption.");
/* lrad_crypt_check() returns 0 only when the supplied password matches the stored crypt string. */
595 if (lrad_crypt_check((char *) request->password->vp_strvalue,
596 (char *) vp->vp_strvalue) != 0) {
597 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: CRYPT password check failed");
603 case PW_MD5_PASSWORD:
605 DEBUG("rlm_pap: Using MD5 encryption.");
/* The stored value must already be 16 raw bytes; pap_authorize()'s normify() decodes hex/base64. */
608 if (vp->length != 16) {
609 DEBUG("rlm_pap: Configured MD5 password has incorrect length");
610 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: Configured MD5 password has incorrect length");
614 MD5Init(&md5_context);
615 MD5Update(&md5_context, request->password->vp_strvalue,
616 request->password->length);
617 MD5Final(digest, &md5_context);
618 if (memcmp(digest, vp->vp_octets, vp->length) != 0) {
619 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: MD5 password check failed");
625 case PW_SMD5_PASSWORD:
627 DEBUG("rlm_pap: Using SMD5 encryption.");
/* SMD5 layout: 16-byte digest followed by the salt, so the value must be longer than 16. */
630 if (vp->length <= 16) {
631 DEBUG("rlm_pap: Configured SMD5 password has incorrect length");
632 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: Configured SMD5 password has incorrect length");
636 MD5Init(&md5_context);
637 MD5Update(&md5_context, request->password->vp_strvalue,
638 request->password->length);
/* digest = MD5(password || salt) */
639 MD5Update(&md5_context, &vp->vp_octets[16], vp->length - 16);
640 MD5Final(digest, &md5_context);
643 * Compare only the MD5 hash results, not the salt.
645 if (memcmp(digest, vp->vp_octets, 16) != 0) {
646 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: SMD5 password check failed");
652 case PW_SHA_PASSWORD:
654 DEBUG("rlm_pap: Using SHA1 encryption.");
/* 20 raw bytes, as with MD5 above. */
657 if (vp->length != 20) {
658 DEBUG("rlm_pap: Configured SHA1 password has incorrect length");
659 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: Configured SHA1 password has incorrect length");
663 SHA1Init(&sha1_context);
664 SHA1Update(&sha1_context, request->password->vp_strvalue,
665 request->password->length);
666 SHA1Final(digest,&sha1_context);
667 if (memcmp(digest, vp->vp_octets, vp->length) != 0) {
668 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: SHA1 password check failed");
674 case PW_SSHA_PASSWORD:
676 DEBUG("rlm_pap: Using SSHA encryption.");
/* SSHA layout: 20-byte digest followed by the salt. */
679 if (vp->length <= 20) {
680 DEBUG("rlm_pap: Configured SSHA password has incorrect length");
/* NOTE(review): this failure message says "SHA" although the case is SSHA. */
681 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: Configured SHA password has incorrect length");
686 SHA1Init(&sha1_context);
687 SHA1Update(&sha1_context, request->password->vp_strvalue,
688 request->password->length);
/* digest = SHA1(password || salt); only the digest part is compared. */
689 SHA1Update(&sha1_context, &vp->vp_octets[20], vp->length - 20);
690 SHA1Final(digest,&sha1_context);
691 if (memcmp(digest, vp->vp_octets, 20) != 0) {
692 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: SSHA password check failed");
700 DEBUG("rlm_pap: Using NT encryption.");
/* NT-Password is a 16-byte hash. */
703 if (vp->length != 16) {
704 DEBUG("rlm_pap: Configured NT-Password has incorrect length");
705 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: Configured NT-Password has incorrect length");
/*
 *	The hash is computed by handing the password to the mschap module
 *	through an xlat.  NOTE(review): sprintf() here is bounded only by
 *	vp_strvalue's maximum length plus the 50 spare bytes in buff2 —
 *	snprintf() would make that explicit — and the password is spliced
 *	into the xlat as text, so characters the xlat parser treats
 *	specially (e.g. '}') may cut the expansion short; confirm how
 *	radius_xlat() handles them.
 */
709 sprintf(buff2,"%%{mschap:NT-Hash %s}",
710 request->password->vp_strvalue);
711 if (!radius_xlat(digest,sizeof(digest),buff2,request,NULL)){
712 DEBUG("rlm_pap: mschap xlat failed");
713 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: mschap xlat failed");
/* The xlat yields hex text: decode it in place and compare the 16 bytes. */
716 if ((lrad_hex2bin(digest, digest, 16) != vp->length) ||
717 (memcmp(digest, vp->vp_octets, vp->length) != 0)) {
718 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: NT password check failed");
726 DEBUG("rlm_pap: Using LM encryption.");
/* LM mirrors the NT path above with the LM-Hash xlat; the same notes apply. */
729 if (vp->length != 16) {
730 DEBUG("rlm_pap: Configured LM-Password has incorrect length");
731 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: Configured LM-Password has incorrect length");
734 sprintf(buff2,"%%{mschap:LM-Hash %s}",
735 request->password->vp_strvalue);
736 if (!radius_xlat(digest,sizeof(digest),buff2,request,NULL)){
737 DEBUG("rlm_pap: mschap xlat failed");
738 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: mschap xlat failed");
741 if ((lrad_hex2bin(digest, digest, 16) != vp->length) ||
742 (memcmp(digest, vp->vp_octets, vp->length) != 0)) {
743 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: LM password check failed");
/* Shared reject path: module_fmsg was filled by whichever check failed. */
745 DEBUG("rlm_pap: Passwords don't match");
746 module_fmsg_vp = pairmake("Module-Failure-Message",
747 module_fmsg, T_OP_EQ);
748 pairadd(&request->packet->vps, module_fmsg_vp);
749 return RLM_MODULE_REJECT;
754 case PAP_ENC_NS_MTA_MD5:
756 DEBUG("rlm_pap: Using NT-MTA-MD5 password");
/* NS-MTA-MD5 is 64 hex characters: a 32-char digest followed by a 32-char salt. */
758 if (vp->length != 64) {
759 DEBUG("rlm_pap: Configured NS-MTA-MD5-Password has incorrect length");
760 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: Configured NS-MTA-MD5-Password has incorrect length");
765 * Sanity check the value of NS-MTA-MD5-Password
/* The first 32 hex characters must decode to exactly the 16-byte digest. */
767 if (lrad_hex2bin(vp->vp_octets, buff, 32) != 16) {
768 DEBUG("rlm_pap: Configured NS-MTA-MD5-Password has invalid value");
769 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: Configured NS-MTA-MD5-Password has invalid value");
774 * Ensure we don't have buffer overflows.
776 * This really: sizeof(buff2) - 2 - 2*32 - strlen(passwd)
/* buff2 receives salt (32) + separator + password + separator + salt (32). */
778 if (strlen(request->password->vp_strvalue) >= (sizeof(buff2) - 2 - 2 * 32)) {
779 DEBUG("rlm_pap: Configured password is too long");
780 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: password is too long");
785 * Set up the algorithm.
/*
 *	Input is salt || sep || password || sep || salt, with p advancing
 *	through buff2; the "- 2" in the length check above implies one
 *	separator byte before and one after the password.
 */
790 memcpy(p, &vp->vp_octets[32], 32);
793 strcpy(p, request->password->vp_strvalue);
796 memcpy(p, &vp->vp_octets[32], 32);
799 MD5Init(&md5_context);
800 MD5Update(&md5_context, buff2, p - buff2);
801 MD5Final(digest, &md5_context);
/* Compare with the digest decoded into buff above. */
803 if (memcmp(digest, buff, 16) != 0) {
804 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: NS-MTA-MD5 password check failed");
/* Fixed scheme whose password attribute is absent from config_items. */
813 DEBUG("rlm_pap: No password configured for the user. Cannot do authentication");
814 return RLM_MODULE_FAIL;
819 * The module name should be the only globally exported symbol.
820 * That is, everything else should be 'static'.
822 * If the module needs to temporarily modify its instantiation
823 * data, the type should be changed to RLM_TYPE_THREAD_UNSAFE.
824 * The server will then take care of ensuring that the module
825 * is single-threaded.
 *
 *	Hook table: only instantiate, detach, authenticate and authorize
 *	are implemented; the accounting, simultaneous-use and proxy hooks
 *	are left NULL.
831 pap_instantiate, /* instantiation */
832 pap_detach, /* detach */
834 pap_authenticate, /* authentication */
835 pap_authorize, /* authorization */
836 NULL, /* preaccounting */
837 NULL, /* accounting */
838 NULL, /* checksimul */
839 NULL, /* pre-proxy */
840 NULL, /* post-proxy */